Snowflake is a powerful, performant and cost-effective platform for security data. Its flexible nature and mature ecosystem allows it to complement and enhance a company’s security posture at scale. This webinar will demonstrate how customers can bring in more data without needing to use ingest or compute licenses and how to conduct incident response on historical and auxiliary data with scalable performance.
In this demo, participants will learn how to:
- Query and visualize Snowflake data directly from Splunk with DBConnect
- Easily ingest or archive data from Splunk or other sources into Snowflake
- Conduct an incident response playbook using Snowflake data in Splunk
- Offload detections directly to Snowflake or gradually transition to a modern SIEM